Re: Google will no longer send SMSs with six digit codes for verification

On 2025-03-06 22:46, VanguardLH wrote:

"Carlos E.R." <robin_listas@es.invalid> wrote:
 

VanguardLH wrote:
>

Google won't be using SMS to send QR codes.

>
They did not said they would.

  From the article cited in the starter thread:
 https://www.forbes.com/sites/daveywinder/2025/02/26/google-confirms-gmail-to-ditch-sms-code-authentication/
Gmail spokesperson Ross Richendrfer told me, “we want to move away from
sending SMS messages for authentication.”
 There are other online article mentioning the same move away from SMS
for authentication by Google, like:

That's not saying they would be using SMS to send QR codes.

 https://www.itpro.com/security/google-is-dropping-sms-authentication-for-qr-codes
https://www.techradar.com/pro/security/google-is-ditching-sms-and-will-now-use-qr-codes-for-gmail-account-authentication
 There are lots of articles stating Google intends to drop SMS transport.
However, it's not always evident when an article is regurgitating what
someone else reported.  They come back to what a Gmail spokeperson said,
and I don't believe the articles are lying about that.
 It's in the wet dream planning stage, so how they implement the move to
QR images could change to staying with SMS, or moving to Google Prompt
or some other communications venue.
 I really hate to graft my smartphone to my hand to ensure it is readily
accessible for this security theater machinations. 

The occasions when I had to check that SMS have been very rare, not even once a month. Going to the kitchen to fetch the phone once a month is not a chore.

I'm too old for all
this jumping through hoops of fire.  Rather than run through the house
looking for my smartphone (it's usually on a different floor of the
house in a charging cradle next to the side door by the garage where I
enter), I'll just forego the security theater, and go somewhere else for
e-mail service.  Logging in is getting more complicated to the user and
at the server than the e-mail service itself.
 As I said, Gmail is NOT my primary e-mail provider; however, what Google
does, and if doable at other sites, the plague will spread.  Remember
what happened with Google and Microsoft fucking up OAUTH, a protocol, to
turn it into the OAUTH2 framework, and OAUTH2 (Google's variant) got
adopted at many other e-mail providers.

--
Cheers, Carlos.